Vulnerability Details CVE-2021-20103
Machform prior to version 16 is vulnerable to stored cross-site scripting due to insufficient sanitization of file attachments uploaded with forms through upload.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2021-20103
-
cpe:2.3:a:machform:machform:13
-
cpe:2.3:a:machform:machform:14
-
cpe:2.3:a:machform:machform:15
-
cpe:2.3:a:machform:machform:2.0
-
cpe:2.3:a:machform:machform:3.5
-
cpe:2.3:a:machform:machform:4.2.3